Does rpcpassword need to be non-obvious in bitcoind?Do i need ~4 years to sync?Full-node bitcoin instance seems to have stopped receiving blockchain informationHow many peers do you need to securely synchronize with the blockchain?What does one need to do to earn Decred through PoS?Very hard to sync Core Client from scratchbitcoind syncing backwardsNeed to access remote bitcoin node for LightningCan non mining full nodes prevent 51% attack? Does it actually strengthen the network? I am confused of its real purpose

Is it safe to unplug a blinking USB drive after 'safely' ejecting it?

My passport was stamped with an exit stamp while transiting to another Schengen country via Turkey. Was this a mistake?

How is underwater propagation of sound possible?

Amiga 500 OCS/ECS vs Mega Drive VDP

(How long) Should I indulge my new co-workers?

Should I inform my future product owner that there is a good chance that a team member will leave the company soon?

Manager manipulates my leaves, what's in it for him?

What do you call the battery slot's ends?

Output Distinct Factor Cuboids

Why are there two bearded faces wearing red hats on my stealth bomber icon?

Is the name of an interval between two notes unique and absolute?

Can one guy with a duplicator trigger a nuclear apocalypse?

What can I actually do with a high credit score?

EU compensation - fire alarm at the Flight Crew's hotel

How often is duct tape used during crewed space missions?

Minimize taxes now that I earn a living wage

Is a global DNS record a security risk for phpMyAdmin?

What’s a “dissipated” garment supposed to be?

Floating Point XOR

Why would a fighter use the afterburner and air brakes at the same time?

Carroll's interpretation of 1-forms

If people's daily habits are reliable then why is the stock market so unpredictable?

Why are there no programmes / playbills for movies?

What is the origin of the “clerics can create water” trope?



Does rpcpassword need to be non-obvious in bitcoind?


Do i need ~4 years to sync?Full-node bitcoin instance seems to have stopped receiving blockchain informationHow many peers do you need to securely synchronize with the blockchain?What does one need to do to earn Decred through PoS?Very hard to sync Core Client from scratchbitcoind syncing backwardsNeed to access remote bitcoin node for LightningCan non mining full nodes prevent 51% attack? Does it actually strengthen the network? I am confused of its real purpose






.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty margin-bottom:0;








1















I'm syncing a full BTC node onto an external hard drive, which I'm connecting to by USB. I've created a bitcoin.conf file which sets a very insecure rpcpassword. This is literally the only field I put in the bitcoin.conf file. In what way does this matter?



(I've just changed the password. Should I restart the sync, given that it's 49% through?)










share|improve this question
































    1















    I'm syncing a full BTC node onto an external hard drive, which I'm connecting to by USB. I've created a bitcoin.conf file which sets a very insecure rpcpassword. This is literally the only field I put in the bitcoin.conf file. In what way does this matter?



    (I've just changed the password. Should I restart the sync, given that it's 49% through?)










    share|improve this question




























      1












      1








      1








      I'm syncing a full BTC node onto an external hard drive, which I'm connecting to by USB. I've created a bitcoin.conf file which sets a very insecure rpcpassword. This is literally the only field I put in the bitcoin.conf file. In what way does this matter?



      (I've just changed the password. Should I restart the sync, given that it's 49% through?)










      share|improve this question
















      I'm syncing a full BTC node onto an external hard drive, which I'm connecting to by USB. I've created a bitcoin.conf file which sets a very insecure rpcpassword. This is literally the only field I put in the bitcoin.conf file. In what way does this matter?



      (I've just changed the password. Should I restart the sync, given that it's 49% through?)







      synchronization full-node






      share|improve this question















      share|improve this question













      share|improve this question




      share|improve this question








      edited 10 hours ago







      jkabrg

















      asked 10 hours ago









      jkabrgjkabrg

      1257 bronze badges




      1257 bronze badges























          2 Answers
          2






          active

          oldest

          votes


















          4
















          By default the RPC interface is only exposed to localhost (127.0.0.1 and ::1), not to the world. In that setting, you need an RPC password only to protect against untrusted local users on your system (unless you're somehow tunneling the RPC port 8332 out).



          That said, why do you have an rpcpassword at all? If you're only going to use bitcoin-cli for example you don't need one since version 0.12 (see https://bitcoin.org/en/release/v0.12.0#rpc-random-cookie-rpc-authentication). If you need for having external applications to to bitcoind, rpcauth is preferred over rpcpassword.



          There is certainly no need to restart syncing.






          share|improve this answer



























          • Isn't the RPC port 8332?

            – Ugam Kamat
            10 hours ago






          • 1





            @UgamKamat Thanks, fixed!

            – Pieter Wuille
            10 hours ago











          • I need it to call bitcoin-cli stop

            – jkabrg
            9 hours ago












          • No need for an rpcpassword at all in that case. Since 0.12 cookie authentication is used when no rpcpassword/rpcauth are set (a file is created by bitcoind with a randomly generated password in it, and that file is read by bitcoin-cli, and deleted when bitcoind exits).

            – Pieter Wuille
            9 hours ago











          • Should I still have a config file, albeit an empty one?

            – jkabrg
            9 hours ago


















          3
















          The RPC interface is not exposed to anything except localhost by default. So other people on your network, nor people on the internet, can access it unless you have explicitly enabled outside access using rpcbind=<ip> and rpcallowip=<ip>. So even using an insecure rpcpassword should be safe. Furthermore, it is completely useless if you don't also set rpcuser.



          However rpcpassword is deprecated and it is not recommended that you use that. In fact, it is not necessary for it to be set in order to access the RPC interface. A RPC user and password will be provided in the .cookie file that is found in the data directory. bitcoin-cli will automatically use the user and password set in that file.




          (I've just changed the password. Should I restart the sync, given that it's 49% through?)




          Restarting Bitcoin Core will not restart the sync. It will continue where it left off when it stopped. Nothing will be lost if you restart.






          share|improve this answer

























          • Yours was the first answer I saw by about a few seconds. Thank you!

            – jkabrg
            10 hours ago














          Your Answer








          StackExchange.ready(function()
          var channelOptions =
          tags: "".split(" "),
          id: "308"
          ;
          initTagRenderer("".split(" "), "".split(" "), channelOptions);

          StackExchange.using("externalEditor", function()
          // Have to fire editor after snippets, if snippets enabled
          if (StackExchange.settings.snippets.snippetsEnabled)
          StackExchange.using("snippets", function()
          createEditor();
          );

          else
          createEditor();

          );

          function createEditor()
          StackExchange.prepareEditor(
          heartbeatType: 'answer',
          autoActivateHeartbeat: false,
          convertImagesToLinks: false,
          noModals: true,
          showLowRepImageUploadWarning: true,
          reputationToPostImages: null,
          bindNavPrevention: true,
          postfix: "",
          imageUploader:
          brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
          contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/4.0/"u003ecc by-sa 4.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
          allowUrls: true
          ,
          noCode: true, onDemand: true,
          discardSelector: ".discard-answer"
          ,immediatelyShowMarkdownHelp:true
          );



          );














          draft saved

          draft discarded
















          StackExchange.ready(
          function ()
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fbitcoin.stackexchange.com%2fquestions%2f90418%2fdoes-rpcpassword-need-to-be-non-obvious-in-bitcoind%23new-answer', 'question_page');

          );

          Post as a guest















          Required, but never shown

























          2 Answers
          2






          active

          oldest

          votes








          2 Answers
          2






          active

          oldest

          votes









          active

          oldest

          votes






          active

          oldest

          votes









          4
















          By default the RPC interface is only exposed to localhost (127.0.0.1 and ::1), not to the world. In that setting, you need an RPC password only to protect against untrusted local users on your system (unless you're somehow tunneling the RPC port 8332 out).



          That said, why do you have an rpcpassword at all? If you're only going to use bitcoin-cli for example you don't need one since version 0.12 (see https://bitcoin.org/en/release/v0.12.0#rpc-random-cookie-rpc-authentication). If you need for having external applications to to bitcoind, rpcauth is preferred over rpcpassword.



          There is certainly no need to restart syncing.






          share|improve this answer



























          • Isn't the RPC port 8332?

            – Ugam Kamat
            10 hours ago






          • 1





            @UgamKamat Thanks, fixed!

            – Pieter Wuille
            10 hours ago











          • I need it to call bitcoin-cli stop

            – jkabrg
            9 hours ago












          • No need for an rpcpassword at all in that case. Since 0.12 cookie authentication is used when no rpcpassword/rpcauth are set (a file is created by bitcoind with a randomly generated password in it, and that file is read by bitcoin-cli, and deleted when bitcoind exits).

            – Pieter Wuille
            9 hours ago











          • Should I still have a config file, albeit an empty one?

            – jkabrg
            9 hours ago















          4
















          By default the RPC interface is only exposed to localhost (127.0.0.1 and ::1), not to the world. In that setting, you need an RPC password only to protect against untrusted local users on your system (unless you're somehow tunneling the RPC port 8332 out).



          That said, why do you have an rpcpassword at all? If you're only going to use bitcoin-cli for example you don't need one since version 0.12 (see https://bitcoin.org/en/release/v0.12.0#rpc-random-cookie-rpc-authentication). If you need for having external applications to to bitcoind, rpcauth is preferred over rpcpassword.



          There is certainly no need to restart syncing.






          share|improve this answer



























          • Isn't the RPC port 8332?

            – Ugam Kamat
            10 hours ago






          • 1





            @UgamKamat Thanks, fixed!

            – Pieter Wuille
            10 hours ago











          • I need it to call bitcoin-cli stop

            – jkabrg
            9 hours ago












          • No need for an rpcpassword at all in that case. Since 0.12 cookie authentication is used when no rpcpassword/rpcauth are set (a file is created by bitcoind with a randomly generated password in it, and that file is read by bitcoin-cli, and deleted when bitcoind exits).

            – Pieter Wuille
            9 hours ago











          • Should I still have a config file, albeit an empty one?

            – jkabrg
            9 hours ago













          4














          4










          4









          By default the RPC interface is only exposed to localhost (127.0.0.1 and ::1), not to the world. In that setting, you need an RPC password only to protect against untrusted local users on your system (unless you're somehow tunneling the RPC port 8332 out).



          That said, why do you have an rpcpassword at all? If you're only going to use bitcoin-cli for example you don't need one since version 0.12 (see https://bitcoin.org/en/release/v0.12.0#rpc-random-cookie-rpc-authentication). If you need for having external applications to to bitcoind, rpcauth is preferred over rpcpassword.



          There is certainly no need to restart syncing.






          share|improve this answer















          By default the RPC interface is only exposed to localhost (127.0.0.1 and ::1), not to the world. In that setting, you need an RPC password only to protect against untrusted local users on your system (unless you're somehow tunneling the RPC port 8332 out).



          That said, why do you have an rpcpassword at all? If you're only going to use bitcoin-cli for example you don't need one since version 0.12 (see https://bitcoin.org/en/release/v0.12.0#rpc-random-cookie-rpc-authentication). If you need for having external applications to to bitcoind, rpcauth is preferred over rpcpassword.



          There is certainly no need to restart syncing.







          share|improve this answer














          share|improve this answer



          share|improve this answer








          edited 10 hours ago

























          answered 10 hours ago









          Pieter WuillePieter Wuille

          52.2k4 gold badges106 silver badges177 bronze badges




          52.2k4 gold badges106 silver badges177 bronze badges















          • Isn't the RPC port 8332?

            – Ugam Kamat
            10 hours ago






          • 1





            @UgamKamat Thanks, fixed!

            – Pieter Wuille
            10 hours ago











          • I need it to call bitcoin-cli stop

            – jkabrg
            9 hours ago












          • No need for an rpcpassword at all in that case. Since 0.12 cookie authentication is used when no rpcpassword/rpcauth are set (a file is created by bitcoind with a randomly generated password in it, and that file is read by bitcoin-cli, and deleted when bitcoind exits).

            – Pieter Wuille
            9 hours ago











          • Should I still have a config file, albeit an empty one?

            – jkabrg
            9 hours ago

















          • Isn't the RPC port 8332?

            – Ugam Kamat
            10 hours ago






          • 1





            @UgamKamat Thanks, fixed!

            – Pieter Wuille
            10 hours ago











          • I need it to call bitcoin-cli stop

            – jkabrg
            9 hours ago












          • No need for an rpcpassword at all in that case. Since 0.12 cookie authentication is used when no rpcpassword/rpcauth are set (a file is created by bitcoind with a randomly generated password in it, and that file is read by bitcoin-cli, and deleted when bitcoind exits).

            – Pieter Wuille
            9 hours ago











          • Should I still have a config file, albeit an empty one?

            – jkabrg
            9 hours ago
















          Isn't the RPC port 8332?

          – Ugam Kamat
          10 hours ago





          Isn't the RPC port 8332?

          – Ugam Kamat
          10 hours ago




          1




          1





          @UgamKamat Thanks, fixed!

          – Pieter Wuille
          10 hours ago





          @UgamKamat Thanks, fixed!

          – Pieter Wuille
          10 hours ago













          I need it to call bitcoin-cli stop

          – jkabrg
          9 hours ago






          I need it to call bitcoin-cli stop

          – jkabrg
          9 hours ago














          No need for an rpcpassword at all in that case. Since 0.12 cookie authentication is used when no rpcpassword/rpcauth are set (a file is created by bitcoind with a randomly generated password in it, and that file is read by bitcoin-cli, and deleted when bitcoind exits).

          – Pieter Wuille
          9 hours ago





          No need for an rpcpassword at all in that case. Since 0.12 cookie authentication is used when no rpcpassword/rpcauth are set (a file is created by bitcoind with a randomly generated password in it, and that file is read by bitcoin-cli, and deleted when bitcoind exits).

          – Pieter Wuille
          9 hours ago













          Should I still have a config file, albeit an empty one?

          – jkabrg
          9 hours ago





          Should I still have a config file, albeit an empty one?

          – jkabrg
          9 hours ago













          3
















          The RPC interface is not exposed to anything except localhost by default. So other people on your network, nor people on the internet, can access it unless you have explicitly enabled outside access using rpcbind=<ip> and rpcallowip=<ip>. So even using an insecure rpcpassword should be safe. Furthermore, it is completely useless if you don't also set rpcuser.



          However rpcpassword is deprecated and it is not recommended that you use that. In fact, it is not necessary for it to be set in order to access the RPC interface. A RPC user and password will be provided in the .cookie file that is found in the data directory. bitcoin-cli will automatically use the user and password set in that file.




          (I've just changed the password. Should I restart the sync, given that it's 49% through?)




          Restarting Bitcoin Core will not restart the sync. It will continue where it left off when it stopped. Nothing will be lost if you restart.






          share|improve this answer

























          • Yours was the first answer I saw by about a few seconds. Thank you!

            – jkabrg
            10 hours ago
















          3
















          The RPC interface is not exposed to anything except localhost by default. So other people on your network, nor people on the internet, can access it unless you have explicitly enabled outside access using rpcbind=<ip> and rpcallowip=<ip>. So even using an insecure rpcpassword should be safe. Furthermore, it is completely useless if you don't also set rpcuser.



          However rpcpassword is deprecated and it is not recommended that you use that. In fact, it is not necessary for it to be set in order to access the RPC interface. A RPC user and password will be provided in the .cookie file that is found in the data directory. bitcoin-cli will automatically use the user and password set in that file.




          (I've just changed the password. Should I restart the sync, given that it's 49% through?)




          Restarting Bitcoin Core will not restart the sync. It will continue where it left off when it stopped. Nothing will be lost if you restart.






          share|improve this answer

























          • Yours was the first answer I saw by about a few seconds. Thank you!

            – jkabrg
            10 hours ago














          3














          3










          3









          The RPC interface is not exposed to anything except localhost by default. So other people on your network, nor people on the internet, can access it unless you have explicitly enabled outside access using rpcbind=<ip> and rpcallowip=<ip>. So even using an insecure rpcpassword should be safe. Furthermore, it is completely useless if you don't also set rpcuser.



          However rpcpassword is deprecated and it is not recommended that you use that. In fact, it is not necessary for it to be set in order to access the RPC interface. A RPC user and password will be provided in the .cookie file that is found in the data directory. bitcoin-cli will automatically use the user and password set in that file.




          (I've just changed the password. Should I restart the sync, given that it's 49% through?)




          Restarting Bitcoin Core will not restart the sync. It will continue where it left off when it stopped. Nothing will be lost if you restart.






          share|improve this answer













          The RPC interface is not exposed to anything except localhost by default. So other people on your network, nor people on the internet, can access it unless you have explicitly enabled outside access using rpcbind=<ip> and rpcallowip=<ip>. So even using an insecure rpcpassword should be safe. Furthermore, it is completely useless if you don't also set rpcuser.



          However rpcpassword is deprecated and it is not recommended that you use that. In fact, it is not necessary for it to be set in order to access the RPC interface. A RPC user and password will be provided in the .cookie file that is found in the data directory. bitcoin-cli will automatically use the user and password set in that file.




          (I've just changed the password. Should I restart the sync, given that it's 49% through?)




          Restarting Bitcoin Core will not restart the sync. It will continue where it left off when it stopped. Nothing will be lost if you restart.







          share|improve this answer












          share|improve this answer



          share|improve this answer










          answered 10 hours ago









          Andrew ChowAndrew Chow

          38.3k4 gold badges28 silver badges70 bronze badges




          38.3k4 gold badges28 silver badges70 bronze badges















          • Yours was the first answer I saw by about a few seconds. Thank you!

            – jkabrg
            10 hours ago


















          • Yours was the first answer I saw by about a few seconds. Thank you!

            – jkabrg
            10 hours ago

















          Yours was the first answer I saw by about a few seconds. Thank you!

          – jkabrg
          10 hours ago






          Yours was the first answer I saw by about a few seconds. Thank you!

          – jkabrg
          10 hours ago



















          draft saved

          draft discarded















































          Thanks for contributing an answer to Bitcoin Stack Exchange!


          • Please be sure to answer the question. Provide details and share your research!

          But avoid


          • Asking for help, clarification, or responding to other answers.

          • Making statements based on opinion; back them up with references or personal experience.

          To learn more, see our tips on writing great answers.




          draft saved


          draft discarded














          StackExchange.ready(
          function ()
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fbitcoin.stackexchange.com%2fquestions%2f90418%2fdoes-rpcpassword-need-to-be-non-obvious-in-bitcoind%23new-answer', 'question_page');

          );

          Post as a guest















          Required, but never shown





















































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown

































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown







          Popular posts from this blog

          Canceling a color specificationRandomly assigning color to Graphics3D objects?Default color for Filling in Mathematica 9Coloring specific elements of sets with a prime modified order in an array plotHow to pick a color differing significantly from the colors already in a given color list?Detection of the text colorColor numbers based on their valueCan color schemes for use with ColorData include opacity specification?My dynamic color schemes

          Invision Community Contents History See also References External links Navigation menuProprietaryinvisioncommunity.comIPS Community ForumsIPS Community Forumsthis blog entry"License Changes, IP.Board 3.4, and the Future""Interview -- Matt Mecham of Ibforums""CEO Invision Power Board, Matt Mecham Is a Liar, Thief!"IPB License Explanation 1.3, 1.3.1, 2.0, and 2.1ArchivedSecurity Fixes, Updates And Enhancements For IPB 1.3.1Archived"New Demo Accounts - Invision Power Services"the original"New Default Skin"the original"Invision Power Board 3.0.0 and Applications Released"the original"Archived copy"the original"Perpetual licenses being done away with""Release Notes - Invision Power Services""Introducing: IPS Community Suite 4!"Invision Community Release Notes

          199年 目錄 大件事 到箇年出世嗰人 到箇年死嗰人 節慶、風俗習慣 導覽選單